Metasploit Penetration Testing Cookbook, Second Edition

Know how hackers behave to stop them! This cookbook provides many recipes for penetration testing using Metasploit and virtual machines. From basics to advanced techniques, it’s ideal for Metasploit veterans and newcomers alike.

Monika Agarwal, Abhinav Singh October 2013

Book Details

ISBN 13: 9781782166788

Paperback: 320 pages

Book Description

Metasploit software helps security and IT professionals identify security issues, verify vulnerability mitigations, and manage expert-driven security assessments. Capabilities include smart exploitation, password auditing, web application scanning, and social engineering. Teams can collaborate in Metasploit and present their findings in consolidated reports. The goal of the software is to provide a clear understanding of the critical vulnerabilities in any environment and to manage those risks.

Metasploit Penetration Testing Cookbook, Second Edition contains chapters that are logically arranged with an increasing level of complexity and thoroughly covers aspects of Metasploit ranging from the pre-exploitation to the post-exploitation phase. This book is an update from version 4.0 to version 4.5. It covers detailed penetration testing techniques for different specializations such as wireless networks, VoIP systems, and the cloud.

Metasploit Penetration Testing Cookbook, Second Edition covers a number of topics which were not part of the first edition. You will progress from penetrating an operating system (Windows 8 penetration testing) to penetrating a wireless network, a VoIP network, and then the cloud.

The book starts with the basics, such as gathering information about your target, and then develops to cover advanced topics like building your own framework scripts and modules. The book goes deep into operating-system-based penetration testing techniques and moves ahead with client-based exploitation methodologies. In the post-exploitation phase, it covers Meterpreter, antivirus bypass, Ruby wonders, exploit building, porting exploits to the framework, and penetration testing, while dealing with VoIP, wireless networks, and cloud computing.

This book will help readers to think from a hacker's perspective to dig out the flaws in target networks and also to leverage the powers of Metasploit to compromise them. It will take your penetration skills to the next level.

Table of Contents

Chapter 1: Metasploit Quick Tips for Security Professionals

Introduction

Configuring Metasploit on Windows

Configuring Metasploit on Ubuntu

Installing Metasploit with BackTrack 5 R3

Setting up penetration testing using VMware

Setting up Metasploit on a virtual machine with SSH connectivity

Installing and configuring PostgreSQL in BackTrack 5 R3

Using the database to store the penetration testing results

Working with BBQSQL

Chapter 2: Information Gathering and Scanning

Introduction

Passive information gathering

Port scanning – the Nmap way

Port scanning – the DNmap way

Using keimpx – an SMB credentials scanner

Detecting SSH versions with the SSH version scanner

FTP scanning

SNMP sweeping

Vulnerability scanning with Nessus

Scanning with NeXpose

Working with OpenVAS – a vulnerability scanner

Chapter 3: Operating-System-based Vulnerability Assessment

Introduction

Penetration testing on a Windows XP SP2 machine

Binding a shell to the target for remote access

Penetration testing on Windows 8

Exploiting a Linux (Ubuntu) machine

Understanding the Windows DLL injection flaws

Chapter 4: Client-side Exploitation and Antivirus Bypass

Introduction

Exploiting Internet Explorer execCommand Use-After-Free vulnerability

Understanding Adobe Flash Player "new function" invalid pointer use

Understanding Microsoft Word RTF stack buffer overflow

Working with Adobe Reader U3D Memory Corruption

Generating binary and shell code from msfpayload

Msfencoding schemes with the detection ratio

Using the killav.rb script to disable the antivirus programs

Killing the antiviruses' services from the command line

Working with the syringe utility

Chapter 5: Working with Modules for Penetration Testing

Introduction

Working with scanner auxiliary modules

Working with auxiliary admin modules

SQL injection and DoS attack module

Post-exploitation modules

Understanding the basics of module building

Analyzing an existing module

Building your own post-exploitation module

Chapter 6: Exploring Exploits

Introduction

Exploiting the module structure

Working with msfvenom

Converting an exploit to a Metasploit module

Porting and testing the new exploit module

Fuzzing with Metasploit

Writing a simple FileZilla FTP fuzzer

Chapter 7: VoIP Penetration Testing

Introduction

Scanning and enumeration phase

Yielding passwords

VLAN hopping

VoIP MAC spoofing

Impersonation attack

DoS attack

Chapter 8: Wireless Network Penetration Testing

Introduction

Setting up and running Fern WiFi Cracker

Sniffing interfaces with tcpdump

Cracking WEP and WPA with Fern WiFi Cracker

Session hijacking via a MAC address

Locating a target's geolocation

Understanding an evil twin attack

Configuring Karmetasploit

Chapter 9: Social-Engineer Toolkit

Introduction

Getting started with the Social-Engineer Toolkit (SET)

Working with the SET config file

Working with the spear-phishing attack vector

Website attack vectors

Working with the multi-attack web method

Infectious media generator

Chapter 10: Working with Meterpreter

Introduction

Understanding the Meterpreter system commands

Understanding the Meterpreter filesystem commands

Understanding the Meterpreter networking commands

Privilege escalation and process migration

Setting up multiple communication channels with the target

Meterpreter anti-forensics – timestomp

The getdesktop and keystroke sniffing

Using a scraper Meterpreter script

Passing the hash

Setting up a persistent connection with backdoors

Pivoting with Meterpreter

Port forwarding with Meterpreter

Meterpreter API and mixins

Railgun – converting Ruby into a weapon

Adding DLL and function definition to Railgun

Building a "Windows Firewall De-activator" Meterpreter script

Analyzing an existing Meterpreter script

Injecting the VNC server remotely

Exploiting a vulnerable PHP application

Incognito attack with Meterpreter

What You Will Learn

Set up a complete penetration testing environment using Metasploit and virtual machines

Discover how to penetration test popular operating systems such as Windows 8

Get familiar with penetration testing based on client-side exploitation techniques with detailed analysis of vulnerabilities and code

Build and analyze Meterpreter scripts in Ruby

Learn penetration testing in VoIP, WLAN, and the cloud from start to finish, including information gathering, vulnerability assessment, exploitation, and privilege escalation

Make the most of the exclusive coverage of antivirus bypassing techniques using Metasploit

Work with BBQSQL to analyze the stored results of the database

Authors

Monika Agarwal

Monika Agarwal is a young Information Security Researcher from India. She has presented many research papers at both national and international conferences. She is a member of IAENG (International Association of Engineers). Her main areas of interest are ethical hacking and ad hoc networking.

Abhinav Singh

Abhinav Singh is a young Information Security specialist from India. He has a keen interest in the field of hacking and network security and has adopted it as his full-time profession. He is also the author of Metasploit Penetration Testing Cookbook, Packt Publishing. He is an active contributor to the SecurityXploded community. Abhinav's works have been quoted in several security and technology magazines and portals.

Series & Level

We understand your time is important. Uniquely amongst the major publishers, we seek to develop and publish the broadest range of learning and information products on each technology. Every Packt product delivers a specific learning pathway, broadly defined by the Series type. This structured approach enables you to select the pathway which best suits your knowledge level, learning style and task objectives.

Learning

As a new user, these step-by-step tutorial guides will give you all the practical skills necessary to become competent and efficient.

Beginner's Guide

Friendly, informal tutorials that provide a practical introduction using examples, activities, and challenges.

Essentials

Fast paced, concentrated introductions showing the quickest way to put the tool to work in the real world.

Cookbook

A collection of practical self-contained recipes that all users of the technology will find useful for building more powerful and reliable systems.

Blueprints

Guides you through the most common types of project you'll encounter, giving you end-to-end guidance on how to build your specific solution quickly and reliably.

Mastering

Take your skills to the next level with advanced tutorials that will give you confidence to master the tool's most powerful features.

Starting

Accessible to readers adopting the topic, these titles get you into the tool or technology so that you can become an effective user.

Progressing

Building on core skills you already have, these titles share solutions and expertise so you become a highly productive power user.